local 192.168.1.150 # This is the IP address of the real network interface on the server connected to the router
port 1194 # This is the port OpenVPN is running on - make sure the router is port forwarding this port to the above IP
proto udp # UDP tends to perform better than TCP for VPN
mssfix 1400 # This setting fixed problems I was having with apps like Remote Desktop
push "dhcp-option DNS X.X.X.X" # Replace the Xs with the IP address of the DNS for your home network (usually your ISP's DNS)
push "dhcp-option DNS X.X.X.X" # A second DNS server if you have one
dev tap
dev-node MyTAP #If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name
ca "C:\Program Files\OpenVPN\easy-rsa\keys\ca.crt"
cert "C:\Program Files\OpenVPN\easy-rsa\keys\server.crt"
key "C:\Program Files\OpenVPN\easy-rsa\keys\server.key" # This file should be kept secret
dh "C:\Program Files\OpenVPN\easy-rsa\keys\dh1024.pem"
server 192.168.10.0 255.255.255.128 # This assigns the virtual IP address and subent to the server's OpenVPN connection. Make sure the Routing Table entry matches this.
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1" # This will force the clients to use the home network's internet connection
keepalive 10 120
cipher BF-CBC # Blowfish (default) encryption
comp-lzo
max-clients 100 # Assign the maximum number of clients here
persist-key
persist-tun
status openvpn-status.log
verb 1 # This sets how detailed the log file will be. 0 causes problems and higher numbers can give you more detail for troubleshooting
lines starting with # or ; will not be read by OpenVPN
improved intermediate static key server and client USE the openvpngui.exe installer first, make sure you install the client & the RSA and SSH stuff!
------------------------ server.ovpn ------------------------ local 192.168.1.30 port 1195 proto udp
dev tun
ifconfig 10.8.1.1 10.8.1.2
secret static.key
verb 3
-------------------client------------------------------------- port 1195 proto udp
remote 212.69.61.62 1195
resolv-retry infinite
dev tun ifconfig 10.8.1.2 10.8.1.1 secret static.key
route 192.168.1.0 255.255.255.0
verb 3
If you must use the c:\windows\system32\etc\hosts file remember ipconfig /flushdns
AND static.key must be in the config folder (if you run as service)
i remade the keys, first the build-key-server.bat server and then build-key.bat client1 with both having the same answers
UK London London COMPANY default = support@company.co.uk common name = openvpnserver
default (enter ) for all the rest
THEN (but new keys didn't work) moving the keys directory with ca.key, ca.crt, server.crt and dh1024.pem into the bin directory